ABSTRACT
The sandwich chain Jimmy John's confirmed that hackers stole customer debit and credit card data from 216 of its stores. The hacker stole login credentials from credit card readers at corporate and franchised locations between June 16 and September 5, 2014. It learned of the breach on July 30 and hired security experts to help with its investigations. Jimmy John's said that the cards impacted were those swiped at their stores, and not the ones entered manually or online. The malware installed was capable of stealing the cardholder's name, card number, expiration data, and verification code from the magnetic stripe on the back of the card. Jimmy John's said they have taken steps to tighten security by installing machines that encrypt credit card data and are reviewing their policies and procedures for its third-party vendors.
